    Host your own DNS with PowerDNS on CentOS 7

    First tutorial for LET, please let me know where I can improve.

    Host your own DNS with PowerDNS on CentOS 7

    This tutorial will show you how to configure your own DNS server on CentOS 7 using PowerDNS.

    Step 1. Prereqs

    We will run PowerDNS with the MySQL backend, so we must install and configure that first.

    Step 1.1 Install MariaDB

    MariaDB is a replacement for MySQL used by CentOS.

    First install MariaDB.

    # yum install mariadb-server mariadb

    Then enable it and start it.

    # systemctl enable mariadb

    # systemctl start mariadb

    Step 1.2 Configure MariaDB

    mysql_secure_installation

    Answer the default to all questions, and make a root password and write it down.

    Step 2. Prepare the repositories and install PowerDNS

    PowerDNS is available in the CentOS repos, but it is an old version. So let's grab the updated one from PowerDNS's repo.

    # yum install epel-release yum-plugin-priorities

    # curl -o /etc/yum.repos.d/powerdns-auth-40.repo https://repo.powerdns.com/repo-files/centos-auth-40.repo

    # yum install pdns pdns-backend-mysql

    This downloads and installs the epel repository, then the PowerDNS repository, then installs pdns and the mysql plugin.

    Step 3. Configure the database

    Step 3.1 Configure a MySQL database and user for PowerDNS

    # mysql -u root -p

    Then enter your MySQL root password you created earlier.

    Execute the following commands:

    CREATE DATABASE powerdns;

    CREATE USER 'powerdns'@'localhost' IDENTIFIED BY 'mysecretpassword';

    GRANT ALL PRIVILEGES ON powerdns.* TO 'powerdns'@'localhost';

    Step 3.2 Configure the PowerDNS database

    Execute the following commands, still in the MySQL shell. Copying and pasting is recommended.

    USE powerdns;
    CREATE TABLE domains ( id INT AUTO_INCREMENT, name VARCHAR(255) NOT NULL, master VARCHAR(128) DEFAULT NULL, last_check INT DEFAULT NULL, type VARCHAR(6) NOT NULL, notified_serial INT DEFAULT NULL, account VARCHAR(40) DEFAULT NULL, PRIMARY KEY (id) ) Engine=InnoDB;
    CREATE UNIQUE INDEX name_index ON domains(name);
    CREATE TABLE records ( id BIGINT AUTO_INCREMENT, domain_id INT DEFAULT NULL, name VARCHAR(255) DEFAULT NULL, type VARCHAR(10) DEFAULT NULL, content VARCHAR(64000) DEFAULT NULL, ttl INT DEFAULT NULL, prio INT DEFAULT NULL, change_date INT DEFAULT NULL, disabled TINYINT(1) DEFAULT 0, ordername VARCHAR(255) BINARY DEFAULT NULL, auth TINYINT(1) DEFAULT 1, PRIMARY KEY (id) ) Engine=InnoDB;
    CREATE INDEX nametype_index ON records(name,type);
    CREATE INDEX domain_id ON records(domain_id);
    CREATE INDEX recordorder ON records (domain_id, ordername);
    CREATE TABLE supermasters ( ip VARCHAR(64) NOT NULL, nameserver VARCHAR(255) NOT NULL, account VARCHAR(40) NOT NULL, PRIMARY KEY (ip, nameserver) ) Engine=InnoDB;
    CREATE TABLE comments ( id INT AUTO_INCREMENT, domain_id INT NOT NULL, name VARCHAR(255) NOT NULL, type VARCHAR(10) NOT NULL, modified_at INT NOT NULL, account VARCHAR(40) NOT NULL, comment VARCHAR(64000) NOT NULL, PRIMARY KEY (id) ) Engine=InnoDB;
    CREATE INDEX comments_domain_id_idx ON comments (domain_id);
    CREATE INDEX comments_name_type_idx ON comments (name, type);
    CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);
    CREATE TABLE domainmetadata ( id INT AUTO_INCREMENT, domain_id INT NOT NULL, kind VARCHAR(32), content TEXT, PRIMARY KEY (id) ) Engine=InnoDB;
    CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind);
    CREATE TABLE cryptokeys ( id INT AUTO_INCREMENT, domain_id INT NOT NULL, flags INT NOT NULL, active BOOL, content TEXT, PRIMARY KEY(id) ) Engine=InnoDB;
    CREATE INDEX domainidindex ON cryptokeys(domain_id);
    CREATE TABLE tsigkeys ( id INT AUTO_INCREMENT, name VARCHAR(255), algorithm VARCHAR(50), secret VARCHAR(255), PRIMARY KEY (id) ) Engine=InnoDB;
    CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);

    You can then execute the following to quit the MySQL shell.

    quit;

    Step 4. Configure PowerDNS

    Open the configuration file using vi or nano. It is located at /etc/pdns/pdns.conf.

    Locate the line that says launch= and change it to launch=gmysql

    Then add the following 4 lines:

    gmysql-host=127.0.0.1
    gmysql-user=powerdns
    gmysql-dbname=powerdns
    gmysql-password=mysecretpassword

    Replace the password with the one that you created earlier for the PowerDNS user.

    Step 5. Enable and start PowerDNS

    # systemctl enable pdns

    # systemctl start pdns

    Step 6. Allow through the firewall

    If you're using firewalld, you'll have to execute:

    # firewall-cmd --permanent --add-service=dns

    # firewall-cmd --reload

    Congrats, you now have a functioning DNS server! To add entries, I recommend using a frontend such as PowerDNS-Admin, which can be found at https://github.com/ngoduykhanh/PowerDNS-Admin

    Thanked by 2: alilet, WebProject
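Added example, not part of the original post: a small audit of the Step 4 settings, since pdns.conf ends up holding the database password in clear text. The function names `conf_get` and `audit_pdns_conf` and the finding labels are made up for this example, and it assumes the last assignment of a setting is the one in effect.

```bash
# Added example (not from the original post): audit the Step 4 settings in pdns.conf.

# Print the value of KEY in FILE. Commented-out lines never match; the last
# assignment is used (assumption: later lines override earlier ones).
conf_get() {  # usage: conf_get FILE KEY
    awk -v k="$2" '
        { key = $0; sub(/=.*/, "", key); gsub(/[ \t]/, "", key) }
        key == k && index($0, "=") {
            val = substr($0, index($0, "=") + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
        }
        END { print val }' "$1"
}

# Print one finding per line. Exit status: 0 clean, 1 findings, 2 unreadable.
# The body is a subshell, so its variables do not leak into the caller.
audit_pdns_conf() (  # usage: audit_pdns_conf FILE
    conf=$1
    rc=0
    [ -r "$conf" ] || { echo "UNREADABLE $conf"; exit 2; }

    # gmysql-password is stored in clear text, so "other" must not have read access.
    if [ -n "$(find "$conf" -maxdepth 0 -perm -004)" ]; then
        echo "WORLD_READABLE $conf"; rc=1
    fi
    if [ "$(conf_get "$conf" launch)" != "gmysql" ]; then
        echo "LAUNCH_NOT_GMYSQL"; rc=1
    fi
    # The tutorial keeps the database on the same host; any other value sends
    # the credentials and zone data over the network.
    case $(conf_get "$conf" gmysql-host) in
        127.0.0.1|localhost|::1) ;;
        *) echo "DB_HOST_NOT_LOOPBACK"; rc=1 ;;
    esac
    case $(conf_get "$conf" gmysql-password) in
        "")               echo "DB_PASSWORD_EMPTY"; rc=1 ;;
        mysecretpassword) echo "DB_PASSWORD_IS_TUTORIAL_SAMPLE"; rc=1 ;;
    esac
    exit "$rc"
)

# Constructed sample: the tutorial's lines pasted unchanged into a world-readable file.
demo=$(mktemp)
printf '%s\n' '#launch=bind' 'launch=gmysql' 'gmysql-host=127.0.0.1' \
    'gmysql-user=powerdns' 'gmysql-dbname=powerdns' \
    'gmysql-password=mysecretpassword' > "$demo"
chmod 644 "$demo"
audit_pdns_conf "$demo" || echo "audit exit status: $?"
rm -f "$demo"
```

On a real server, run `audit_pdns_conf /etc/pdns/pdns.conf` as root after Step 4; no output and exit status 0 means none of these checks fired.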

    Comments

    • Thanks for the Tut.

      From your experience, do you think 3 servers on different VPS would be sufficient to set up a reliable DNS system? What are the basic specs for the server to install PowerDNS? The docs don't seem to give any guidelines.


    • @ramesh_vish said:
      Thanks for the Tut.

      From your experience, do you think 3 servers on different VPS would be sufficient to set up a reliable DNS system? What are the basic specs for the server to install PowerDNS? The docs don't seem to give any guidelines.

      It ultimately depends on the # of visitors you get. Plus, you'll want legroom to scale if there are spikes in traffic (i.e. queries) to your server.

    • doghouch said: It ultimately depends on the # of visitors you get. Plus, you'll want legroom to scale if there are spikes in traffic (i.e. queries) to your server.

      For low volume sites (a combined total of 5K visits per day from all domains), would a 512 MB VPS work? From my initial read of the docs (and this guide), looks like a majority of the memory would be consumed by MySQL.


    • umeume Member

      If you are creating a public DNS server, make sure it is not vulnerable to DNS amplification attacks. I don't know if PowerDNS already has measures against it in the default configuration in the guide above. So I suggest you do some research and check it before you bring it online.
      https://deepthought.isc.org/article/AA-00897/0/What-is-a-DNS-Amplification-Attack.html

    • Thanks for this guide.

    • alilet Member

      Guys what is the advantage of using own DNS instead of one provided by hosting provider?

      Let's say I have a VPS on which I will host one website (or maybe two). Do you think it is feasible to have my own DNS on same VPS or it is better to use provided by hosting company?


    • Saragoldfarb Member
      edited July 2017

      @alilet said:
      Guys what is the advantage of using own DNS instead of one provided by hosting provider?

      Let's say I have a VPS on which I will host one website (or maybe two). Do you think it is feasible to have my own DNS on same VPS or it is better to use provided by hosting company?

      Go for a hosted solution unless:

      1. You know what you're doing and have knowledge about how DNS works

      2. Make sure you're willing to do the maintenance that comes with it

      3. You are willing to get at least 2 VMs to host just your DNS in geographically diverse locations.

      Running your own DNS isn't that hard and gives you a lot more flexibility. For just 2 domains I'd suggest Cloudflare though.

    • painfreepc Member
      edited July 2017

      Is MaraDNS safe to use? It was easy to set up and needs no database.

      I even made a failover system using BitTorrent Sync.

      Last time I used it was about 3 years ago.
